Jo-Ellyn Sakowitz Klein, senior counsel in Akin Gump’s privacy and data protection practice, is quoted by POLITICO discussing a possible new rule from the Department of Health and Human Services that could affect tens of millions of people whose health information has been compromised by data breaches.

The article, “Overdue HHS rule could impact data breach settlements,” notes that HHS was due to rule on the issue in 2012. To date, courts have refused to compensate anyone whose records were stolen or viewed unless they could prove harm resulted.

If HHS decides there is a monetary value associated with data breaches, Klein says, “it could be a real game changer.” But, she adds, “The devil would be in the details. It would depend on how far the agency went in the rule making.”

Looking ahead, Klein predicts a decision by HHS could have much “broader implications” if some state courts latch onto a federal standard of harm. If victims believe they can recoup money, she adds, there could be an increase in the number of HIPAA-violation complaints.